postfix, procmail and SELinux - No Go
Paul Howarth
paul at city-fan.org
Wed Jun 7 13:30:38 UTC 2006
On Wed, 2006-06-07 at 07:41 -0500, Marc Schwartz wrote:
> On Wed, 2006-06-07 at 08:04 +0100, Paul Howarth wrote:
> > On Tue, 2006-06-06 at 21:34 -0500, Marc Schwartz wrote:
> > > Paul,
> > >
> > > OK...seemingly back up and running. Here are the present avc messages
> > > since re-loading everything and confirming that the file contexts are
> > > back to the changes that we made.
> > >
> > > I note that the /proc/meminfo messages are back, but now for
> > > clamassassin. I am sure that I have reloaded the new modules that we
> > > created, so not sure what is up here, unless there was some conflict
> > > when the two versions of the policies we seemingly loaded earlier today.
> > >
> > > Let me know on these and if perhaps I missed something:
> >
> > You forgot that we reverted the clamassassin context change yesterday.
> >
> > # restorecon -v /usr/local/bin/clamassassin
>
> <banging head against the wall...>
>
>
> OK. The additional policy updates have been installed and at this point
> there are no new messages from avclist.
Moment of truth time then!
Try turning on enforcing mode and see if it all still works.
# setenforce 1
Check that mail works in and out, and that pyzor/dcc/spamd etc. are all
working.
If not, we'll need to try changing some of those "dontaudit"s to
"allow"s.
Paul.
More information about the fedora-selinux-list
mailing list